CVE-2010-4689

Description

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) do not properly preserve ACL behavior after a migration, which allows remote attackers to bypass intended access restrictions via an unspecified type of network traffic that had previously been denied, aka Bug ID CSCte46460.

Related CPE's

ociscoadaptive_security_appliance_software********

ociscoadaptive_security_appliance_software7.0*******

ociscoadaptive_security_appliance_software7.0\(0\)*******

ociscoadaptive_security_appliance_software7.0\(2\)*******

ociscoadaptive_security_appliance_software7.0\(4\)*******

ociscoadaptive_security_appliance_software7.0\(5\)*******

ociscoadaptive_security_appliance_software7.0\(5.2\)*******

ociscoadaptive_security_appliance_software7.0\(6.7\)*******

ociscoadaptive_security_appliance_software7.0.1*******

ociscoadaptive_security_appliance_software7.0.1.4*******

References

http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf

45768

1024963

cisco-asa-acl-security-bypass(64575)

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:L/Au:N/C:N/I:C/A:N

AccessVector

NETWORK

AccessComplexity

LOW

Authentication

NONE

ConfidentialityImpact

NONE

IntegrityImpact

COMPLETE

AvailabilityImpact

NONE

BaseScore

7.800000190734863

Created by Yello
About Severity.io